
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
<%@taglib prefix="sss" uri="WEB-INF/sss.tld" %>

<%@page import="org.springframework.security.*"%>
<%@page import="org.springframework.security.context.*"%>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <h1>Tags</h1>

		<h3>sec:authentication</h3>
		<ul>
			<sec:authentication property="authorities" var="authorities" scope="page"/>
			<c:forEach items="${authorities}" var="authority">
				<li><c:out value="${authority.authority}"/></li>
			</c:forEach>
		</ul>

		<h3>sec:authorize</h3>
		<ul>
			<c:set var="auths" value="ROLE_ADMIN,ROLE_USER"/>
			<sec:authorize ifAllGranted="${auths}"><li>admin and user</li></sec:authorize>
		
			<c:set var="auths" value="ROLE_ADMIN,ROLE_USER"/>
			<sec:authorize ifAnyGranted="${auths}"><li>admin or user</li></sec:authorize>
		
			<c:set var="auths" value="ROLE_ADMIN"/>
			<sec:authorize ifNotGranted="${auths}"><li>not admin</li></sec:authorize>
		</ul>

		<h3>sss:security</h3>
		<ul>
			<sss:security resourceName="root_url"><li>root_url</li></sss:security>
			<sss:security resourceName="admin_url"><li>admin_url</li></sss:security>
			<sss:security resourceName="user_url"><li>user_url</li></sss:security>
			<sss:security resourceName="index_url"><li>index_url</li></sss:security>
			<sss:security resourceName="tag_url"><li>tag_url</li></sss:security>
		</ul>

		<div>
			<a href="index.jsp">Index</a>
			<a href="admin.jsp">Admin</a>
			<a href="user.jsp">User</a>
			<a href="j_spring_security_logout">Logout</a>
		</div>
	</body>
</html>

<%
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
GrantedAuthority[] grantedAuthorities = authentication.getAuthorities();
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
	out.println(grantedAuthority.getAuthority() + "<br/>");
}
%>